/**
* Add a password to the given account.
* @throws UserSignupException if the user could not be signed up, with a reason
* @throws UserAlreadyExistsException if the password already exists in the database
*/
static function addPassword(\Db\Connection $db, User $user, $password)
{
if (!$user) {
throw new \InvalidArgumentException("No user provided.");
}
// does such a password already exist?
$q = $db->prepare("SELECT * FROM user_passwords WHERE user_id=? LIMIT 1");
$q->execute(array($user->getId()));
if ($q->fetch()) {
throw new UserAlreadyExistsException("That account already has a password.");
}
// does the user have an email? required
$email = $user->getEmail();
if (!$email) {
throw new UserSignupException("That account requires an email address to add a password.");
} else {
if (!is_valid_email($email)) {
throw new UserSignupException("That is not a valid email.");
}
}
// create a new password
$q = $db->prepare("INSERT INTO user_passwords SET user_id=?, password_hash=?");
$q->execute(array($user->getId(), UserPassword::hash($password)));
return true;
}
